Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / pypa/pip-audit issues and pull requests

#689 - build(deps-dev): update cyclonedx-python-lib requirement from ~=4.0 to >=4,<6

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, python

#688 - build(deps-dev): update ruff requirement from <0.1.2 to <0.1.3

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, python

#687 - build(deps-dev): update ruff requirement from <0.1.1 to <0.1.2

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, python

#686 - build(deps-dev): update ruff requirement from <0.0.293 to <0.1.1

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, python

#685 - build(deps): bump actions/checkout from 4.1.0 to 4.1.1

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions

#684 - Override URL for pypi service

Issue - State: closed - Opened by MichelEdkrantz 9 months ago - 5 comments
Labels: enhancement

#683 - build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions

#682 - build(deps-dev): update ruff requirement from <0.0.292 to <0.0.293

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, python

#681 - build(deps): bump sigstore/gh-action-sigstore-python from 2.0.1 to 2.1.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions

#680 - [DRAFT] Add expiry date with two arguments

Pull Request - State: open - Opened by KeithWM 9 months ago

#679 - [DRAFT] Add expiry date

Pull Request - State: open - Opened by KeithWM 9 months ago

#678 - build(deps-dev): update ruff requirement from <0.0.291 to <0.0.292

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, python

#677 - build(deps): bump actions/checkout from 4.0.0 to 4.1.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, github_actions

#676 - Temporary ignoring of vulnerabilities

Issue - State: open - Opened by KeithWM 9 months ago - 8 comments
Labels: enhancement

#675 - build(deps-dev): update ruff requirement from <0.0.290 to <0.0.291

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python

#674 - build(deps-dev): update ruff requirement from <0.0.289 to <0.0.290

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python

#673 - build(deps-dev): update ruff requirement from <0.0.288 to <0.0.289

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python

#672 - add note on ignoring unfixed vulnerabilities

Pull Request - State: closed - Opened by MFTabriz 10 months ago

#671 - build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, github_actions

#670 - CLI: add a flag to exit with non-zero code only for fixable vulnerabilities

Issue - State: closed - Opened by MFTabriz 10 months ago - 10 comments
Labels: enhancement

#669 - build(deps-dev): update ruff requirement from <0.0.287 to <0.0.288

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python

#668 - build(deps): bump actions/checkout from 3.6.0 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, github_actions

#667 - Move to PyPA org on PyPI?

Issue - State: closed - Opened by webknjaz 10 months ago - 1 comment
Labels: enhancement

#666 - build(deps-dev): update ruff requirement from <0.0.286 to <0.0.287

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python

#664 - Despite --skip-editable, --strict still fails due to editable packages

Issue - State: closed - Opened by marcinbarczynski 10 months ago - 8 comments
Labels: question, component:cli, component:dep-sources, bug-candidate

#663 - build(deps-dev): update ruff requirement from <0.0.285 to <0.0.286

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python

#662 - Duplicates are not supported in requirements.txt when run with --disable-pip

Issue - State: open - Opened by npalmius 11 months ago - 2 comments
Labels: component:dep-sources, bug-candidate

#661 - build(deps): bump sigstore/gh-action-sigstore-python from 2.0.0 to 2.0.1

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, github_actions

#660 - build(deps-dev): update ruff requirement from <0.0.284 to <0.0.285

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python

#659 - build(deps): bump actions/deploy-pages from 2.0.3 to 2.0.4

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, github_actions

#658 - build(deps-dev): update ruff requirement from <0.0.283 to <0.0.284

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python

#657 - build(deps): bump sigstore/gh-action-sigstore-python from 1.2.3 to 2.0.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, github_actions

#656 - build(deps-dev): update ruff requirement from <0.0.281 to <0.0.283

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python

#655 - support poetry lock file source

Issue - State: closed - Opened by kapilt 11 months ago - 2 comments
Labels: enhancement

#654 - Get vulnerability score/severity with pip-audit

Issue - State: open - Opened by matteoannotell 11 months ago - 5 comments
Labels: enhancement, upstream

#653 - mvp for getting scores and severity of vulnerabilities

Pull Request - State: closed - Opened by matteoannotell 11 months ago - 1 comment

#652 - treewide: prep 2.6.1

Pull Request - State: closed - Opened by woodruffw 11 months ago
Labels: chore

#651 - build(deps-dev): update ruff requirement from <0.0.279 to <0.0.281

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python

#650 - build(deps-dev): update ruff requirement from <0.0.278 to <0.0.279

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, python

#649 - build(deps): bump actions/deploy-pages from 2.0.2 to 2.0.3

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, github_actions

#648 - build(deps): bump actions/upload-pages-artifact from 1.0.9 to 2.0.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 1 comment
Labels: dependencies, github_actions

#647 - Fix tempfiles on windows, fixes #646

Pull Request - State: closed - Opened by marickmanrho 12 months ago - 2 comments

#646 - Tempfiles are not working on Windows

Issue - State: closed - Opened by marickmanrho 12 months ago - 3 comments
Labels: bug-candidate, plat:windows

#645 - Fresh installed pip-audit via conda-forge failed to install packages (internal pip failure)

Issue - State: closed - Opened by ovalerio 12 months ago - 4 comments
Labels: upstream

#644 - support for config from toml file

Issue - State: closed - Opened by prathapbelli 12 months ago - 1 comment
Labels: enhancement

#643 - build(deps-dev): update ruff requirement from <0.0.277 to <0.0.278

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, python

#642 - build(deps-dev): update ruff requirement from <0.0.276 to <0.0.277

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, python

#641 - Prep 2.6.0

Pull Request - State: closed - Opened by woodruffw 12 months ago
Labels: chore

#640 - CHANGELOG: fix link

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: chore

#639 - build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#638 - build(deps-dev): update ruff requirement from <0.0.275 to <0.0.276

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#637 - build(deps-dev): update ruff requirement from <0.0.273 to <0.0.275

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#636 - build(deps): bump actions/upload-pages-artifact from 1.0.8 to 1.0.9

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#635 - build(deps): bump actions/checkout from 3.0.0 to 3.5.3

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#634 - build(deps): bump actions/deploy-pages from 2.0.1 to 2.0.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#633 - Fix adds a fixed dependency in files where there is no original one

Issue - State: open - Opened by q0w about 1 year ago - 2 comments
Labels: bug, component:dep-sources

#632 - build(deps): bump github/codeql-action from 2.3.6 to 2.13.4

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#631 - build(deps-dev): update ruff requirement from <0.0.272 to <0.0.273

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#630 - build(deps-dev): update ruff requirement from <0.0.271 to <0.0.272

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#629 - build(deps): bump github/codeql-action from 2.3.5 to 2.3.6

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 3 comments
Labels: dependencies, github_actions

#628 - pyproject: bump CacheControl

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: dependencies, chore

#627 - simplified the usage of CycloneDx

Pull Request - State: closed - Opened by ThunderKey about 1 year ago
Labels: component:output-formats

#626 - Reintroduce dependency optimization

Pull Request - State: closed - Opened by trottomv about 1 year ago - 9 comments
Labels: component:dep-sources

#625 - updated cyclonedx dependency

Pull Request - State: closed - Opened by ThunderKey about 1 year ago - 2 comments
Labels: component:output-formats, dependencies

#624 - build(deps): bump github/codeql-action from 2.3.4 to 2.3.5

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#623 - build(deps-dev): update ruff requirement from <0.0.270 to <0.0.271

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#622 - build(deps): bump github/codeql-action from 2.3.3 to 2.3.4

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#621 - Do a better job of signaling when audited dependencies come from `pip-audit` itself

Issue - State: open - Opened by woodruffw about 1 year ago - 7 comments
Labels: component:dep-sources, discussion

#620 - build(deps-dev): update urllib3 requirement from <2.0,>=1.26 to >=1.26,<3.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#619 - build(deps-dev): update urllib3 requirement from ~=1.26 to >=1.26,<2.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#618 - treewide: 2.5.6

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: chore

#617 - pyproject: constrain urllib3

Pull Request - State: closed - Opened by woodruffw about 1 year ago - 2 comments
Labels: dependencies

#616 - pip-audit imports a vulnerable version of the requests package

Issue - State: closed - Opened by behnazh-w about 1 year ago - 12 comments
Labels: dependencies, bug-candidate

#615 - build(deps-dev): update requests requirement from <2.30 to <2.32

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#614 - build(deps-dev): update ruff requirement from <0.0.268 to <0.0.270

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#613 - `pip-audit` raises `TypeError: HTTPResponse`

Issue - State: closed - Opened by Tomperez98 about 1 year ago - 1 comment
Labels: duplicate

#612 - build(deps-dev): update ruff requirement from <0.0.266 to <0.0.268

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#611 - build(deps-dev): update ruff requirement from <0.0.265 to <0.0.266

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#610 - Reintroduce the preresolved dependency optimization

Issue - State: closed - Opened by woodruffw about 1 year ago - 10 comments
Labels: component:dep-sources, performance

#609 - build(deps): bump github/codeql-action from 2.3.2 to 2.3.3

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#608 - build(deps-dev): update requests requirement from <2.30 to <2.31

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 4 comments
Labels: dependencies, python

#607 - CHANGELOG: fix entries

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: chore

#606 - chore: prep 2.5.5

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: chore

#605 - pyproject: add, pin requests

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: bug, dependencies

#604 - build(deps-dev): update ruff requirement from <0.0.264 to <0.0.265

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#603 - build(deps): bump github/codeql-action from 2.3.1 to 2.3.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#602 - build(deps): bump github/codeql-action from 2.3.0 to 2.3.1

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#601 - Cannot include git repo as a dependency

Issue - State: closed - Opened by seankfh about 1 year ago - 3 comments
Labels: duplicate

#600 - build(deps-dev): update ruff requirement from <0.0.263 to <0.0.264

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#599 - Failure to find dependency that was installed from extra index url

Issue - State: open - Opened by cornelius-braun about 1 year ago - 8 comments
Labels: bug, component:dep-sources

#598 - build(deps): bump github/codeql-action from 2.2.12 to 2.3.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#597 - build(deps-dev): update ruff requirement from <0.0.262 to <0.0.263

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python

#596 - OS matrix in CI

Pull Request - State: open - Opened by jleightcap about 1 year ago

#595 - build(deps): bump actions/deploy-pages from 2.0.0 to 2.0.1

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#594 - build(deps): bump github/codeql-action from 2.2.11 to 2.2.12

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#593 - How to deal with vulnerabilities that won't be resolved anytime soon?

Issue - State: closed - Opened by sebastian-philipp about 1 year ago - 1 comment
Labels: enhancement

#592 - build(deps): bump github/codeql-action from 2.2.9 to 2.2.11

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#591 - build(deps-dev): update ruff requirement from <0.0.261 to <0.0.262

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#590 - build(deps): bump github/codeql-action from 2.2.9 to 2.2.10

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#589 - Support upgrading hashes with `--fix`

Issue - State: open - Opened by q0w about 1 year ago - 5 comments
Labels: bug